self-sigs with weaker hashes
Werner Koch
wk at gnupg.org
Wed Jan 11 08:19:59 CET 2017
On Wed, 11 Jan 2017 00:58, dkg at fifthhorseman.net said:
> Should gpg just ignore or filter out the "bad" self-sigs that it doesn't
> think are valid, rather than leaking warnings every time the key is
> encountered?
I general I would say yes. I use --check-sigs to look for such bogus
signatures and thus we would need to add a new --verify-option to allow
printing them.
Or we could try to suppress the
gpg: DSA key 308B0A7BD8DEC2EC requires a 256 bit or larger hash (hash is SHA1)
line and output
sig%3 308B0A7BD8DEC2EC 2015-08-22 [Key requires a 256 bit or
larger hash (hash is SHA1)]
However, that might be larger chage and too late for 2.2.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170111/4b08ed9c/attachment-0001.sig>
More information about the Gnupg-devel
mailing list